twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.
Metrics
Affected Vendors & Products
References
History
Mon, 25 Nov 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Twisted
Twisted twisted |
|
CPEs | cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:* | |
Vendors & Products |
Twistedmatrix
Twistedmatrix twisted |
Twisted
Twisted twisted |
Fri, 22 Nov 2024 12:00:00 +0000
Mon, 18 Nov 2024 23:45:00 +0000
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-02-07T00:00:00
Updated: 2024-11-18T22:49:07.500Z
Reserved: 2021-11-16T00:00:00
Link: CVE-2022-21712
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-07T22:15:08.587
Modified: 2024-11-25T18:12:24.673
Link: CVE-2022-21712
Redhat